← Back

Gouguoyin

gouguoyin

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Phprap
phprap
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-11032
1Gouguoyin
1Phprap
Nov 21, 2024
May 14, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
PHPRAP 1.0.4 through 1.0.8 has SQL Injection via the application/home/controller/project.php search() function.
CVE-2018-11031
1Gouguoyin
1Phprap
Nov 21, 2024
May 14, 2018
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has SSRF via the /debug URI, as demonstrated by an api[url]=file:////etc/passwd&api[method]=get POST request.